Описание
Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php.
Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-3691
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42254
- http://securityreason.com/securityalert/1244
- http://www.osvdb.org/28254
- http://www.securityfocus.com/archive/1/440114/100/0/threaded
- http://www.securityfocus.com/archive/1/440133/100/0/threaded
- http://www.securityfocus.com/archive/1/440141/100/0/threaded
- http://www.securityfocus.com/archive/1/440145/100/0/threaded
- http://www.securityfocus.com/archive/1/491770/100/0/threaded
- http://www.securityfocus.com/bid/18937
EPSS
Процентиль: 80%
0.0139
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php.
EPSS
Процентиль: 80%
0.0139
Низкий